Got Sec Job but no training how learn be analyst?

Hi there

I’ve managed to get a security Job by studying A+, Net+, Sec+

Problem is I’m way out of my depth and no training whatsoever is being provided.

Everyone is super busy and does not have much any time to assist me & mostly discourage any requests for their time & have steam coming out their ear’s.

The company has recently switched to Azure ATP for their security tool’s.
I’m trying to learn but this will take time.

I’m being given incidents with walls of text to analyze but the network layout was never explained to me.

I’ve raised this with management consistently but this is not going to change.

I’ve been able to build AD at home and generally do very well within help desk and troubleshooting roles in the past.

I’m looking to train to be able to analyze incidents using tools.

Problem is when looking at most training material it shows you the tool and what it is but I feel I need many different scenarios and case studies to use these tools as an analyst.

Training as an analyst with sample event logs, O365 logs,. Email header logs etc. and break down of how we interpret these walls of text.

In the past to learn AD I was able to build an AD at home using virtualization and was able to experiment but a P1 Azure subscription is too expensive for me to rent and work have refused to provide a dev environment/subscription.

Would anyone know how I accomplish this ?

I want to learn real work experience somehow but away from the distracting & stressful work environment.

Cheers

Did you check this pathway?

2 Likes

And maybe this can help you.

2 Likes

I’ll check those out. Thanks Edwin

And I don’t think they have time for anything in any company. The world is going crazy :slight_smile: Here in the Netherlands a lot of vacancies but no people. (in almost all industries) So yes, then it will be difficult to train people. And covid isn’t really helping either.

Yep seems that way. What’s crazy is the cost of training is miniscule compared the return on investment by having staff who actually know what they are doing & can perform the job that’s expected of them.

Many exams just teach you some of the lingo & concepts but in no way prepare you for analysing complex incidents in complex environment’s.

I find with the security analyst role particularly lacking in appropriate training as its hard to deliver analysing logs for various scenarios with out simulating it somehow.

Like training a pilot but not providing a plane or simulator just multiple choice questions & theory then wondering why the plane crashed.

2 Likes

You are absolutely right.
Experience is worth so much more. But did you know that tryhackme also has a Cyber Defense path? maybe you should take a look at that too.

I’m actually still looking for some kind of lab for SecurityOnion.

Yep just started with tryhackme I like how it can spawn VM’s needed for scenario’s and guides your through.

1 Like

I was at a exam center yesterday.
There I asked for a roadmap from Microsoft.
I think this can be very helpful in understanding that jungle.

Security Compliance and Identity
SC-900 Microsoft Certified: Security, Compliance, and Identity Fundamentals
AZ-500 Microsoft Azure Security Technologies
MS-500 Microsoft 365 Security Administration
SC-200 Microsoft Security Operations Analyst
SC-300 Micros SC-400 | Microsoft Information Protection Administratoroft Identity and Access Administrator
SC-400 | Microsoft Information Protection Administrator

1 Like